BYOD could grease the insider threat wheels

June 20, 2014 | By Fred Donovan

BYOD programs could make it easier for corporate insiders to steal confidential data and intellectual property, warns a report at InsideCounsel.

"There's a lot of talk about foreign attempts from other countries; I think that's a problem, but the largest problem is from insiders," says David Long-Daniels, co-chair of Greenberg Traurig's global labor and employment practice.

Most companies do not understand the risks associated with BYOD until data has been stolen.

"It can happen several different ways, and more so now since it's a common practice for companies to allow their workforces to connect to their server," adds Long-Daniels.

Long-Daniels recommends that companies clearly spell out their rights in a BYOD policy, including the right to remotely wipe an employee's personal device.

"Many companies haven't updated this policy, or purchased technology that would allow them to wipe the relevant portions of information, and that is essential to mitigating risk," he notes.

The risks posed by the insider threat are on the rise, yet organizations are not doing much about it, according to a recent survey of 693 "privileged users"--network engineers, database administrators, information security pros and cloud custodians--by the Ponemon Institute on behalf of Raytheon.

More than two-thirds of respondents said their organization's security tools do not provide enough information to deter the intent behind security incidents, yet 88 percent said that insider threats pose a significant threat to their company.